From patchwork Tue Apr 26 19:36:28 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Seth Forshee <seth.forshee@canonical.com>
X-Patchwork-Id: 8943701
Return-Path: <linux-fsdevel-owner@kernel.org>
X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id A8C749F1D3
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue, 26 Apr 2016 19:39:58 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id D8BF220166
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue, 26 Apr 2016 19:39:57 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 0DCD12015A
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue, 26 Apr 2016 19:39:57 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753231AbcDZTjF (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Tue, 26 Apr 2016 15:39:05 -0400
Received: from mail-ig0-f176.google.com ([209.85.213.176]:37471 "EHLO
	mail-ig0-f176.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752437AbcDZThP (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 26 Apr 2016 15:37:15 -0400
Received: by mail-ig0-f176.google.com with SMTP id g8so25525429igr.0
	for <linux-fsdevel@vger.kernel.org>;
	Tue, 26 Apr 2016 12:37:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=canonical-com.20150623.gappssmtp.com; s=20150623;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=6wp+PLaoRzmNmk4QzmosQuFHoGYfjs+oQVk8R8M0s9M=;
	b=nU6xY84n4EcejeABOJPlpQWzlde2y+gFYrVPYMyDw1oMv+Ckh/I2EHW6oNDifmvrwA
	F+iPl3QW86jymi1Vp/jPHJ1geMzZUAZ1pa1837hWkqt2UqKq8/XQx0SppP++sV1dGGs2
	rLPDifC0r4rxeoUHXQr+AG5Qa0EHjvAkoERETXyCrwFZYuHebrfTNW2t1aPmr/3Lnh8n
	LXTomFFahH4N9OZyZZO7hr8Ii7XpQsXZESqu7KzGLFS57kaPLjUzfGSmj0Kso8ydAZSw
	5EFdNlScxed0nPc31FaQJlonYCM4gC59k/Bu4h4feOLfNcLUTW8AIisgX/HhwcoSzNiT
	xOvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=6wp+PLaoRzmNmk4QzmosQuFHoGYfjs+oQVk8R8M0s9M=;
	b=JLMwXWsUqvpMwFJmC4CyF3P71qC+JinL+myDT2luFIs+hc6U42M9yEpjxOf9z0jd78
	JCVl4tx7CslFxshGxj+IhgND8D8Uwmef+/4afvQZg5Xd6giQmr9AJB8f9EKJt/Im3keg
	Xr0/gK6Pu8vWevhAC82qgWf6ZNayj/sNkj16M4aJn2tkshsghRYXLdcjlq8v39E1+E93
	ogk3D1qLTgOnh1p0jg1eib6Zpq5xRB6jOSZX7i+V80xCWVtsE/7WKJEhdemtZeXKDJKj
	zO9cWwD/tYZ8rFmWOulIVVdIfutQ8OYhdTirRRZj1L5BV1wND4Pi7RFqC1NZ3C2SHQ+m
	/mfg==
X-Gm-Message-State: 
 AOPr4FVVlOAG67uTrw37QzhzFNvvp58eG2X649LkD+16U7vcvyveDOiW6NzTPxqEQnBN4S4Q
X-Received: by 10.50.164.165 with SMTP id yr5mr20785114igb.48.1461699429881;
	Tue, 26 Apr 2016 12:37:09 -0700 (PDT)
Received: from localhost ([2605:a601:aab:f920:39a1:5bcf:aa:5b00])
	by smtp.gmail.com with ESMTPSA id
	m143sm2346548ioe.43.2016.04.26.12.37.09
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Tue, 26 Apr 2016 12:37:09 -0700 (PDT)
From: Seth Forshee <seth.forshee@canonical.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>,
	Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Serge Hallyn <serge.hallyn@canonical.com>,
	Richard Weinberger <richard.weinberger@gmail.com>,
	Austin S Hemmelgarn <ahferroin7@gmail.com>,
	Miklos Szeredi <mszeredi@redhat.com>,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	linux-kernel@vger.kernel.org, linux-bcache@vger.kernel.org,
	dm-devel@redhat.com, linux-raid@vger.kernel.org,
	linux-mtd@lists.infradead.org, linux-fsdevel@vger.kernel.org,
	fuse-devel@lists.sourceforge.net,
	linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov,
	cgroups@vger.kernel.org, Seth Forshee <seth.forshee@canonical.com>
Subject: [PATCH v4 15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns
Date: Tue, 26 Apr 2016 14:36:28 -0500
Message-Id: <1461699396-33000-16-git-send-email-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1461699396-33000-1-git-send-email-seth.forshee@canonical.com>
References: <1461699396-33000-1-git-send-email-seth.forshee@canonical.com>
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Spam-Status: No, score=-7.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_HI,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Expand the check in should_remove_suid() to keep privileges for
CAP_FSETID in s_user_ns rather than init_user_ns.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
---
 fs/inode.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/inode.c b/fs/inode.c
index 69b8b526c194..cd52170f9117 100644
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -1690,7 +1690,8 @@ int should_remove_suid(struct dentry *dentry)
 	if (unlikely((mode & S_ISGID) && (mode & S_IXGRP)))
 		kill |= ATTR_KILL_SGID;
 
-	if (unlikely(kill && !capable(CAP_FSETID) && S_ISREG(mode)))
+	if (unlikely(kill && !ns_capable(dentry->d_sb->s_user_ns, CAP_FSETID) &&
+		     S_ISREG(mode)))
 		return kill;
 
 	return 0;